PDN Gateway
Configuration

This chapter
provides configuration information for the PDN Gateway (P-GW).

Important

Information about
all commands in this chapter can be found in the
Command Line
Interface Reference.

Because each
wireless network is unique, the system is designed with a variety of parameters
allowing it to perform in various wireless network environments. In this
chapter, only the minimum set of parameters are provided to make the system
operational. Optional configuration commands specific to the P-GW product are
located in the
Command Line
Interface Reference.

Configuring the
System as a Standalone eGTP P-GW

This section
provides a high-level series of steps and the associated configuration file
examples for configuring the system to perform as an eGTP P-GW in a test
environment. For a complete configuration file example, refer to the
Sample
Configuration Files appendix. Information provided in this section
includes the following:

Information
Required

The following
sections describe the minimum amount of information required to configure and
make the P-GW operational on the network. To make the process more efficient,
it is recommended that this information be available prior to configuring the
system.

There are additional
configuration parameters that are not described in this section. These
parameters deal mostly with fine-tuning the operation of the P-GW in the
network. Information on these parameters can be found in the appropriate
sections of the
Command Line
Interface Reference.

Required Local
Context Configuration Information

The following table
lists the information that is required to configure the local context on an
P-GW.

Table 1. Required
Information for Local Context Configuration

Required Information

Description

Management Interface Configuration

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface will be recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the management interface(s) to a specific
network.

Security
administrator name

The name or
names of the security administrator with full rights to the system.

Security
administrator password

Open or
encrypted passwords can be used.

Remote
access type(s)

The type of
remote access protocol that will be used to access the system, such as telnet,
SSH, and/or FTP.

Important

In release
20.0 and higher Trusted StarOS builds, the telnet and FTP options are no longer
available.

Required P-GW
Context Configuration Information

The following table
lists the information that is required to configure the P-GW context on a P-GW.

Table 2. Required
Information for P-GW Context Configuration

Required Information

Description

P-GW context
name

An
identification string from 1 to 79 characters (alpha and/or numeric) by which
the P-GW context will be recognized by the system.

Accounting
policy name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the accounting policy will be recognized by the system. The accounting policy
is used to set parameters for the Rf (off-line charging) interface.

S5/S8
Interface Configuration (To/from S-GW)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface will be recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

GTP-U
Service Configuration

GTP-U
service name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the GTP-U service will be recognized by the system.

IP address

S5/S8
interface IPv4 address.

P-GW
Service Configuration

P-GW service
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the P-GW service will be recognized by the system.

Multiple
names are needed if multiple P-GW services will be used.

PLMN ID

MCC number:
The mobile country code (MCC) portion of the PLMN's identifier (an integer
value between 100 and 999).

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the eGTP service will be recognized by the system.

Required PDN Context
Configuration Information

The following table
lists the information that is required to configure the PDN context on a P-GW.

Table 3. Required
Information for PDN Context Configuration

Required Information

Description

PDN context
name

An
identification string from 1 to 79 characters (alpha and/or numeric) by which
the PDN context is recognized by the system.

IP
Address Pool Configuration

IPv4 address
pool name and range

An
identification string between 1 and 31 characters (alpha and/or numeric) by
which the IPv4 pool is recognized by the system.

Multiple
names are needed if multiple pools will be configured.

A range of
IPv4 addresses defined by a starting address and an ending address.

IPv6 address
pool name and range

An
identification string between 1 and 31 characters (alpha and/or numeric) by
which the IPv6 pool is recognized by the system.

Multiple
names are needed if multiple pools will be configured.

A range of
IPv6 addresses defined by a starting address and an ending address.

Access
Control List Configuration

IPv4 access
list name

An
identification string between 1 and 47 characters (alpha and/or numeric) by
which the IPv4 access list is recognized by the system.

Multiple
names are needed if multiple lists will be configured.

IPv6 access
list name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the IPv6 access list is recognized by the system.

Multiple
names are needed if multiple lists will be configured.

Deny/permit
type

The types
are:

any

by host
IP address

by IP
packets

by
source ICMP packets

by
source IP address masking

by
TCP/UDP packets

Readdress or
redirect type

The types
are

readdress server

redirect
context

redirect
css delivery-sequence

redirect
css service

redirect
nexthop

SGi
Interface Configuration (To/from IPv4 PDN)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

SGi
Interface Configuration (To/from IPv6 PDN)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Required AAA Context
Configuration Information

The following table
lists the information that is required to configure the AAA context on a P-GW.

Table 4. Required
Information for AAA Context Configuration

Required Information

Description

Gx
Interface Configuration (to PCRF)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Gx
Diameter Endpoint Configuration

End point
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the Gx Diameter endpoint configuration is recognized by the system.

Origin realm
name

An
identification string between 1 through 127 characters.

The realm is
the Diameter identity. The originator's realm is present in all Diameter
messages and is typically the company or service name.

Origin host
name

An
identification string from 1 to 255 characters (alpha and/or numeric) by which
the Gx origin host is recognized by the system.

Origin host
address

The IP
address of the Gx interface.

Peer name

The Gx
endpoint name described above.

Peer realm
name

The Gx
origin realm name described above.

Peer address
and port number

The IP
address and port number of the PCRF.

Route-entry
peer

The Gx
endpoint name described above.

Gy
Interface Configuration (to on-line charging server)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Gy
Diameter Endpoint Configuration

End point
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the Gy Diameter endpoint configuration is recognized by the system.

Origin realm
name

An
identification string between 1 through 127 characters.

The realm is
the Diameter identity. The originator's realm is present in all Diameter
messages and is typically the company or service name.

Origin host
name

An
identification string from 1 to 255 characters (alpha and/or numeric) by which
the Gy origin host is recognized by the system.

Origin host
address

The IP
address of the Gy interface.

Peer name

The Gy
endpoint name described above.

Peer realm
name

The Gy
origin realm name described above.

Peer address
and port number

The IP
address and port number of the OCS.

Route-entry
peer

The Gy
endpoint name described above.

Gz
Interface Configuration (to off-line charging server)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Rf
Interface Configuration (to off-line charging server)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or
IPv6 addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The
physical port to which the interface will be bound. Ports are identified by the
chassis slot number where the line card resides followed by the number of the
physical connector on the card. For example, port 17/1 identifies connector
number 1 on the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Rf
Diameter Endpoint Configuration

End point
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the Rf Diameter endpoint configuration is recognized by the system.

Origin
realm name

An
identification string between 1 through 127 characters.

The realm
is the Diameter identity. The originator's realm is present in all Diameter
messages and is typically the company or service name.

Origin
host name

An
identification string from 1 to 255 characters (alpha and/or numeric) by which
the Rf origin host is recognized by the system.

Origin
host address

The IP
address of the Rf interface.

Peer name

The Rf
endpoint name described above.

Peer realm
name

The Rf
origin realm name described above.

Peer
address and port number

The IP
address and port number of the OFCS.

Route-entry peer

The Rf
endpoint name described above.

How This
Configuration Works

The following figure
and supporting text describe how this configuration with a single source and
destination context is used by the system to process a subscriber call
originating from the GTP LTE network.

Figure 1. GTP P-GW Configuration Elements

The S-GW
establishes the S5/S8 connection by sending a Create Session Request message to
the P-GW including an Access Point name (APN).

The P-GW service
determines which context to use to provide AAA functionality for the session.
This process is described in the
How the
System Selects Contexts
section located in the
Understanding the System Operation and Configuration
chapter of the
System
Administration Guide.

The P-GW uses
the configured Gx Diameter endpoint to establish the IP-CAN session.

The P-GW sends a
CC-Request (CCR) message to the PCRF to indicate the establishment of the
IP-CAN session and the PCRF acknowledges with a CC-Answer (CCA).

The P-GW uses
the APN configuration to select the PDN context. IP addresses are assigned from
the IP pool configured in the selected PDN context.

The P-GW
responds to the S-GW with a Create Session Response message including the
assigned address and additional information.

The S5/S8 data
plane tunnel is established and the P-GW can forward and receive packets
to/from the PDN.

eGTP P-GW
Configuration

To configure the
system to perform as a standalone eGTP P-GW:

Figure 2. eGTP P-GW Configurables

Procedure

Step 1

Set system
configuration parameters such as activating PSCs by applying the example
configurations found in the
System
Administration Guide.

Step 2

Set initial
configuration parameters such as creating contexts and services by applying the
example configurations found in the
Initial Configuration.

Step 3

Configure the
system to perform as an eGTP P-GW and set basic P-GW parameters such as eGTP
interfaces and IP routes by applying the example configurations presented in
the
P-GW Service Configuration.

gtpp single-source is enabled to allow the system
to generate requests to the accounting server using a single UDP port (by way
of a AAA proxy function) rather than each AAA manager generating requests on
unique UDP ports.

The S5/S8 (P-GW
to S-GW) interface IP address can also be specified as an IPv6 address using
the
ipv6 address
command.

Set the
accounting policy for the Rf (off-line charging) interface. The accounting
level types are: flow, PDN, PDN-QCI, QCI, and subscriber. Refer to the
Accounting
Profile Configuration Mode Commands chapter in the
Command
Line Interface Reference for more information on this command.

The IMS
Authorization Service is created and configured in the AAA context.

Multiple APNs
can be configured to support different domain names.

The
associate accounting-policy command is used to associate a
pre-configured accounting policy with this APN. Accounting policies are
configured in the P-GW context. An example is located in the
Creating and Configuring an eGTP P-GW Context.

Use the following
configuration to create an APN that includes Gz interface parameters:

Creating and
Configuring the AAA Context

Use the following
example to create and configure a AAA context including diameter support and
policy control, and bind Ethernet ports to interfaces supporting traffic
between this context and a PCRF, an OCS, and an OFCS:

The above
configuration only shows one keyword example. Refer to the
QCI - QOS
Mapping Configuration Mode Commands chapter in the
Command
Line Interface Reference for more information on the
qci command and
other supported keywords.

Verifying and Saving
the Configuration

Save your
configuration to flash memory, an external memory device, and/or a network
location using the Exec mode command
save
configuration . For additional information on how to verify and
save configuration files, refer to the
System
Administration Guide and the
Command Line
Interface Reference.

DHCP Service
Configuration

The system can be
configured to use the Dynamic Host Control Protocol (DHCP) to assign IP
addresses for PDP contexts. IP address assignment using DHCP is done using the
following method, as configured within an APN:

DHCP-proxy: The system
acts as a proxy for client (MS) and initiates the DHCP Discovery Request on
behalf of client (MS). Once it receives an allocated IP address from DHCP
server in response to DHCP Discovery Request, it assigns the received IP
address to the MS. This allocated address must be matched with the an address
configured in an IP address pool on the system. This complete procedure is not
visible to MS.

As the number of
addresses in memory decreases, the system solicits additional addresses from
the DHCP server. If the number of addresses stored in memory rises above the
configured limit, they are released back to the DHCP server.

There are parameters
that must first be configured that specify the DHCP servers to communicate with
and how the IP address are handled. These parameters are configured as part of
a DHCP service.

Important

This section
provides the minimum instruction set for configuring a DHCP service on system
for DHCP-based IP allocation. For more information on commands that configure
additional DHCP server parameters and working of these commands, refer to the
DHCP Service
Configuration Mode Commands chapter of
Command Line
Interface Reference.

These instructions
assume that you have already configured the system level configuration as
described in
System
Administration Guide and P-GW service as described in
eGTP P-GW
Configuration section of this chapter.

To configure the
DHCP service:

Procedure

Step 1

Create the DHCP
service in system context and bind it by applying the example configuration in
the
DHCP Service Creation.

Step 2

Configure the
DHCP servers and minimum and maximum allowable lease times that are accepted in
responses from DHCP servers by applying the example configuration in the
DHCP Server Parameter Configuration.

Multiple DHCP
services can be configured. Each service can have multiple DHCP servers
configured by entering
dhcp server
command multiple times. A maximum of 225 DHCP services can be configured with
maximum of 8 DHCP servers configurations per DHCP service.

The
dhcp
detect-dead-server command and
max-retransmissions command work in conjunction
with each other.

The
retransmission-timeout command works in conjunction with
max-retransmissions command.

DHCP Service
Configuration Verification

Procedure

Step 1

Verify that your
DHCP servers configured properly by entering the following command in Exec
Mode:

show dhcp service all

This command
produces an output similar to that displayed below where DHCP name is
dhcp1:

Verify the DHCP
service status by entering the following command in Exec Mode:

show dhcp service status

DHCPv6 Service
Configuration

The system can be
configured to use the Dynamic Host Control Protocol (DHCP) for IPv6 to enable
the DHCP servers to pass the configuration parameters such as IPv6 network
addresses to IPv6 nodes. DHCPv6 configuration is done within an APN.

These instructions
assume that you have already configured the system level configuration as
described in
System
Administration Guide and APN as described in
P-GW PDN Context Configuration.

To configure the
DHCPv6 service:

Procedure

Step 1

Create the
DHCPv6 service in system context and bind it by applying the example
configuration in the
DHCPv6 Service Creation.

Step 2

Configure the
DHCPv6 server and other configurable values for Renew Time, Rebind Time,
Preferred Lifetime, and Valid Lifetime by applying the example configuration in
the
DHCPv6 Server Parameter Configuration.

Step 3

Configure the
DHCPv6 client and other configurable values for Maximum Retransmissions, Server
Dead Tries, and Server Resurrect Time by applying the example configuration in
the
DHCPv6 Client Parameter Configuration.

DHCPv6 client
configuration requires an IPv6 address, port, and priority. The port is used
for communicating with the DHCPv6 server. If not specified, default port 547 is
used. The Priority parameter defines the priority in which servers should be
tried out.

max-retransmissions configures the max
retransmission that DHCPV6-CLIENT will make towards DHCPV6-SERVER. Default is
20.

server-dead-time : PDN DHCPV6-SERVER is considered
to be dead if it does not respond after given tries from client. Default is 5.

server-resurrect-time : PDN DHCPV6-SERVER is
considered alive after it has been dead for given seconds. Default is 20.

enable rapid-commit-dhcpv6 command enables rapid
commit on the DHCPv6 server. By default it is disabled. This is done to ensure
that if there are multiple DHCPv6 servers in a network, with
rapid-commit-option, they would all end up reserving resources for the UE.

process dhcp-option-from command configures in
what order the configuration options should be processed for a given client
request. For a given client configuration, values can be obtained from either
AAA, PDN-DHCP-SERVER, or LOCAL. By default, AAA is preferred over PDN-DHCP,
which is preferred over LOCAL configuration.

dhcpv6-server-preference : According to RFC-3315,
DHCPv6-CLIENT should wait for a specified amount of time before considering
responses to its queries from DHCPv6-SERVERS. If a server responds with a
preference value of 255, DHCPv6-CLIENT need not wait any longer. Default value
is 0 and it may have any configured integer between 1 and 255.

enable dhcpv6-server-unicast command enables
server-unicast option for DHCPv6. By default, it is disabled.

enable dhcpv6-server-reconf command configures
support for reconfiguration messages from the server. By default, it is
disabled.

client identifier command configures the
client-identifier, which is sent to the external DHCP server. By default, IMSI
is sent. Another available option is MSISDN.

enable rapid-commit-dhcpv6 command configures the
rapid commit for the client. By default, rapid-commit option is enabled for
both DHCPv4 & DHCPv6.

enable dhcp-message-spray command enables
dhcp-client to spray a DHCP message to all configured DHCP servers in the PDN.
By default this is disabled. With Rapid-Commit, there can only be one server to
which this can be sent.

request dhcp-option command configures DHCP
options which can be requested by the dhcp-client. It supports the following
options:

dns-address

netbios-server-address

sip-server-address

Associate DHCPv6
Configuration

Use the following
example to associate the DHCPv6 profile with an APN:

Verify the
DHCPv6 service status by entering the following command in Exec Mode:

show dhcpv6 status service dhcpv6_service_name

Configuring the
System as a Standalone PMIP P-GW in an LTE-SAE Network

This section
provides a high-level series of steps and the associated configuration file
examples for configuring the system to perform as a P-MIP P-GW in an LTE-SAE
test environment. For a complete configuration file example, refer to the
Sample
Configuration Files appendix. Information provided in this section
includes the following:

Information
Required

The following
sections describe the minimum amount of information required to configure and
make the P-GW operational on the network. To make the process more efficient,
it is recommended that this information be available prior to configuring the
system.

There are additional
configuration parameters that are not described in this section. These
parameters deal mostly with fine-tuning the operation of the P-GW in the
network. Information on these parameters can be found in the appropriate
sections of the
Command Line
Interface Reference.

Required Local
Context Configuration Information

The following table
lists the information that is required to configure the local context on an
P-GW.

Table 5. Required
Information for Local Context Configuration

Required Information

Description

Management Interface
Configuration

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface will be recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the management interface(s) to a specific
network.

Security
administrator name

The name or
names of the security administrator with full rights to the system.

Security
administrator password

Open or
encrypted passwords can be used.

Remote
access type(s)

The type of
remote access protocol that will be used to access the system, such as telnet,
SSH, and/or FTP.

Important

In release
20.0 and higher Trusted StarOS builds, the telnet and FTP options are no longer
available.

Required P-GW
Context Configuration Information

The following table
lists the information that is required to configure the P-GW context on a P-GW.

Table 6. Required
Information for P-GW Context Configuration

Required Information

Description

P-GW context
name

An
identification string from 1 to 79 characters (alpha and/or numeric) by which
the P-GW context will be recognized by the system.

Accounting
policy name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the accounting policy will be recognized by the system. The accounting policy
is used to set parameters for the Rf (off-line charging) interface.

S5/S8 Interface Configuration
(To/from S-GW)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface will be recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

P-GW Service
Configuration

P-GW service
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the P-GW service will be recognized by the system.

Multiple
names are needed if multiple P-GW services will be used.

LMA Service Configuration

LMA Service
Name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the LMA service will be recognized by the system.

Required PDN Context
Configuration Information

The following table
lists the information that is required to configure the PDN context on a P-GW.

Table 7. Required
Information for PDN Context Configuration

Required Information

Description

P-GW context
name

An
identification string from 1 to 79 characters (alpha and/or numeric) by which
the P-GW context is recognized by the system.

IP Address Pool
Configuration

IPv4 address
pool name and range

An
identification string between 1 and 31 characters (alpha and/or numeric) by
which the IPv4 pool is recognized by the system.

Multiple
names are needed if multiple pools will be configured.

A range of
IPv4 addresses defined by a starting address and an ending address.

IPv6 address
pool name and range

An
identification string between 1 and 31 characters (alpha and/or numeric) by
which the IPv6 pool is recognized by the system.

Multiple
names are needed if multiple pools will be configured.

A range of
IPv6 addresses defined by a starting address and an ending address.

Access Control List
Configuration

IPv4 access
list name

An
identification string between 1 and 47 characters (alpha and/or numeric) by
which the IPv4 access list is recognized by the system.

Multiple
names are needed if multiple lists will be configured.

IPv6 access
list name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the IPv6 access list is recognized by the system.

Multiple
names are needed if multiple lists will be configured.

Deny/permit
type

The types
are:

any

by host
IP address

by IP
packets

by
source ICMP packets

by
source IP address masking

by
TCP/UDP packets

Readdress or
redirect type

The types
are

readdress server

redirect
context

redirect
css delivery-sequence

redirect
css service

redirect
nexthop

SGi Interface Configuration
(To/from IPv4 PDN)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

SGi Interface Configuration
(To/from IPv6 PDN)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Required AAA Context
Configuration Information

The following table
lists the information that is required to configure the AAA context on a P-GW.

Table 8. Required
Information for AAA Context Configuration

Required Information

Description

Gx
Interface Configuration (to PCRF)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Gx
Diameter Endpoint Configuration

End point
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the Gx Diameter endpoint configuration is recognized by the system.

Origin realm
name

An
identification string between 1 through 127 characters.

The realm is
the Diameter identity. The originator's realm is present in all Diameter
messages and is typically the company or service name.

Origin host
name

An
identification string from 1 to 255 characters (alpha and/or numeric) by which
the Gx origin host is recognized by the system.

Origin host
address

The IP
address of the Gx interface.

Peer name

The Gx
endpoint name described above.

Peer realm
name

The Gx
origin realm name described above.

Peer address
and port number

The IP
address and port number of the PCRF.

Route-entry
peer

The Gx
endpoint name described above.

S6b
Interface Configuration (to 3GPP AAA server)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

S6b
Diameter Endpoint Configuration

End point
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the S6b Diameter endpoint configuration is recognized by the system.

Origin realm
name

An
identification string between 1 through 127 characters.

The realm is
the Diameter identity. The originator's realm is present in all Diameter
messages and is typically the company or service name.

Origin host
name

An
identification string from 1 to 255 characters (alpha and/or numeric) by which
the S6b origin host is recognized by the system.

Origin host
address

The IP
address of the S6b interface.

Peer name

The S6b
endpoint name described above.

Peer realm
name

The S6b
origin realm name described above.

Peer address
and port number

The IP
address and port number of the AAA server.

Route-entry
peer

The S6b
endpoint name described above.

Gy
Interface Configuration (to on-line charging server)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Gy
Diameter Endpoint Configuration

End point
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the Gy Diameter endpoint configuration is recognized by the system.

Origin
realm name

An
identification string between 1 through 127 characters.

The realm
is the Diameter identity. The originator's realm is present in all Diameter
messages and is typically the company or service name.

Origin
host name

An
identification string from 1 to 255 characters (alpha and/or numeric) by which
the Gy origin host is recognized by the system.

Origin
host address

The IP
address of the Gy interface.

Peer name

The Gy
endpoint name described above.

Peer realm
name

The Gy
origin realm name described above.

Peer
address and port number

The IP
address and port number of the AAA server.

Route-entry peer

The Gy
endpoint name described above.

Rf
Interface Configuration (to off-line charging server)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or
IPv6 addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The
physical port to which the interface will be bound. Ports are identified by the
chassis slot number where the line card resides followed by the number of the
physical connector on the card. For example, port 17/1 identifies connector
number 1 on the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Rf
Diameter Endpoint Configuration

End point
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the Rf Diameter endpoint configuration is recognized by the system.

Origin
realm name

An
identification string between 1 through 127 characters.

The realm
is the Diameter identity. The originator's realm is present in all Diameter
messages and is typically the company or service name.

Origin
host name

An
identification string from 1 to 255 characters (alpha and/or numeric) by which
the Rf origin host is recognized by the system.

Origin
host address

The IP
address of the Rf interface.

Peer name

The Rf
endpoint name described above.

Peer realm
name

The Rf
origin realm name described above.

Peer
address and port number

The IP
address and port number of the PCRF.

Route-entry peer

The Rf
endpoint name described above.

How This
Configuration Works

The following figure
and supporting text describe how this configuration with a single source and
destination context is used by the system to process a subscriber call
originating from the PMIP LTE network.

Figure 3. Elements of the PMIP P-GW in the LTE Network

The S-GW
establishes the S5/S8 connection by sending a Create Session Request message to
the P-GW including an Access Point name (APN).

The P-GW service
determines which context to use to provide AAA functionality for the session.
This process is described in the
How the
System Selects Contexts section located in the
Understanding the System Operation and Configuration
chapter of the
System
Administration Guide.

The P-GW uses
the configured Gx Diameter endpoint to establish the IP-CAN session.

The P-GW sends a
CC-Request (CCR) message to the PCRF to indicate the establishment of the
IP-CAN session and the PCRF acknowledges with a CC-Answer (CCA).

The P-GW uses
the APN configuration to select the PDN context. IP addresses are assigned from
the IP pool configured in the selected PDN context.

The P-GW
responds to the S-GW with a Create Session Response message including the
assigned address and additional information.

The S5/S8 data
plane tunnel is established and the P-GW can forward and receive packets
to/from the PDN.

P-MIP P-GW (LTE)
Configuration

To configure the
system to perform as a standalone P-MIP P-GW in an LTE-SAE network environment,
review the following graphic and subsequent steps.

Figure 4. PMIP P-GW
(LTE) Configurables

Procedure

Step 1

Set system
configuration parameters such as activating PSCs by applying the example
configurations found in the
System
Administration Guide.

Step 2

Set initial
configuration parameters such as creating contexts and services by applying the
example configurations found in the
Initial Configuration.

Step 3

Configure the
system to perform as a PMIP P-GW and set basic P-GW parameters such as PMIP
interfaces and an IP route by applying the example configurations presented in
the
P-GW Service Configuration.

Set the
accounting policy for the Rf (off-line charging) interface. The accounting
level types are: flow, PDN, PDN-QCI, QCI, and subscriber. Refer to the
Accounting
Profile Configuration Mode Commands chapter in the
Command
Line Interface Reference for more information on this command.

The
no aaa
acounting command is used to prevent duplicate accounting
packets.

Enabling
revocation provides for MIP registration revocation in the event that MIP
revocation is negotiated with a MAG and a MIP binding is terminated, the LMA
can send a revocation message to the MAG.

Creating a P-GW PDN
Context

Use the following
example to create a P-GW PDN context and Ethernet interface, and bind the
interface to a configured Ethernet port.

The above
configuration only shows one keyword example. Refer to the
QCI - QOS
Mapping Configuration Mode Commands chapter in the
Command
Line Interface Reference for more information on the
qci command and
other supported keywords.

Verifying and Saving
the Configuration

Save your
configuration to flash memory, an external memory device, and/or a network
location using the Exec mode command
save
configuration . For additional information on how to verify and
save configuration files, refer to the
System
Administration Guide and the
Command Line
Interface Reference.

Configuring the
System as a Standalone PMIP P-GW Supporting an eHRPD Network

This section
provides a high-level series of steps and the associated configuration file
examples for configuring the system to perform as a P-MIP P-GW supporting an
eHRPD test environment. For a complete configuration file example, refer to the
Sample
Configuration Files appendix. Information provided in this section
includes the following:

Information
Required

The following
sections describe the minimum amount of information required to configure and
make the P-GW operational on the network. To make the process more efficient,
it is recommended that this information be available prior to configuring the
system.

There are additional
configuration parameters that are not described in this section. These
parameters deal mostly with fine-tuning the operation of the P-GW in the
network. Information on these parameters can be found in the appropriate
sections of the
Command Line
Interface Reference.

Required Local
Context Configuration Information

The following table
lists the information that is required to configure the local context on an
P-GW.

Table 9. Required
Information for Local Context Configuration

Required Information

Description

Management
Interface Configuration

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface will be recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the management interface(s) to a specific
network.

Security
administrator name

The name or
names of the security administrator with full rights to the system.

Security
administrator password

Open or
encrypted passwords can be used.

Remote
access type(s)

The type of
remote access protocol that will be used to access the system, such as telnet,
SSH, and/or FTP.

Important

In release
20.0 and higher Trusted StarOS builds, the telnet and FTP options are no longer
available.

Required P-GW
Context Configuration Information

The following table
lists the information that is required to configure the P-GW context on a P-GW.

Table 10. Required
Information for P-GW Context Configuration

Required Information

Description

P-GW context
name

An
identification string from 1 to 79 characters (alpha and/or numeric) by which
the P-GW context will be recognized by the system.

Accounting
policy name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the accounting policy will be recognized by the system. The accounting policy
is used to set parameters for the Rf (off-line charging) interface.

S2a
Interface Configuration (To/from HSGW)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface will be recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

P-GW Service
Configuration

P-GW service
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the P-GW service will be recognized by the system.

Multiple
names are needed if multiple P-GW services will be used.

PLMN ID

MCC number:
The mobile country code (MCC) portion of the PLMN's identifier (an integer
value between 100 and 999).

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the LMA service will be recognized by the system.

Required PDN Context
Configuration Information

The following table
lists the information that is required to configure the PDN context on a P-GW.

Table 11. Required
Information for PDN Context Configuration

Required Information

Description

P-GW context
name

An
identification string from 1 to 79 characters (alpha and/or numeric) by which
the P-GW context is recognized by the system.

IP Address
Pool Configuration

IPv4 address
pool name and range

An
identification string between 1 and 31 characters (alpha and/or numeric) by
which the IPv4 pool is recognized by the system.

Multiple
names are needed if multiple pools will be configured.

A range of
IPv4 addresses defined by a starting address and an ending address.

IPv6 address
pool name and range

An
identification string between 1 and 31 characters (alpha and/or numeric) by
which the IPv6 pool is recognized by the system.

Multiple
names are needed if multiple pools will be configured.

A range of
IPv6 addresses defined by a starting address and an ending address.

Access
Control List Configuration

IPv4 access
list name

An
identification string between 1 and 47 characters (alpha and/or numeric) by
which the IPv4 access list is recognized by the system.

Multiple
names are needed if multiple lists will be configured.

IPv6 access
list name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the IPv6 access list is recognized by the system.

Multiple
names are needed if multiple lists will be configured.

Deny/permit
type

The types
are:

any

by host
IP address

by IP
packets

by
source ICMP packets

by
source IP address masking

by
TCP/UDP packets

Readdress or
redirect type

The types
are

readdress server

redirect
context

redirect
css delivery-sequence

redirect
css service

redirect
nexthop

SGi
Interface Configuration (To/from IPv4 PDN)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

SGi
Interface Configuration (To/from IPv6 PDN)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Required AAA Context
Configuration Information

The following table
lists the information that is required to configure the AAA context on a P-GW.

Table 12. Required
Information for AAA Context Configuration

Required Information

Description

Gx Interface
Configuration (to PCRF)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Gx Diameter
Endpoint Configuration

End point
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the Gx Diameter endpoint configuration is recognized by the system.

Origin realm
name

An
identification string between 1 through 127 characters.

The realm is
the Diameter identity. The originator's realm is present in all Diameter
messages and is typically the company or service name.

Origin host
name

An
identification string from 1 to 255 characters (alpha and/or numeric) by which
the Gx origin host is recognized by the system.

Origin host
address

The IP
address of the Gx interface.

Peer name

The Gx
endpoint name described above.

Peer realm
name

The Gx
origin realm name described above.

Peer address
and port number

The IP
address and port number of the PCRF.

Route-entry
peer

The Gx
endpoint name described above.

S6b
Interface Configuration (to 3GPP AAA server)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

S6b Diameter
Endpoint Configuration

End point
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the S6b Diameter endpoint configuration is recognized by the system.

Origin realm
name

An
identification string between 1 through 127 characters.

The realm is
the Diameter identity. The originator's realm is present in all Diameter
messages and is typically the company or service name.

Origin host
name

An
identification string from 1 to 255 characters (alpha and/or numeric) by which
the S6b origin host is recognized by the system.

Origin host
address

The IP
address of the S6b interface.

Peer name

The S6b
endpoint name described above.

Peer realm
name

The S6b
origin realm name described above.

Peer address
and port number

The IP
address and port number of the AAA server.

Route-entry
peer

The S6b
endpoint name described above.

Rf Interface
Configuration (to off-line charging server)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or IPv6
addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The physical
port to which the interface will be bound. Ports are identified by the chassis
slot number where the line card resides followed by the number of the physical
connector on the card. For example, port 17/1 identifies connector number 1 on
the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the management interface(s) to a specific
network.

Rf
Diameter Endpoint Configuration

End point
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the Rf Diameter endpoint configuration is recognized by the system.

Origin
realm name

An
identification string between 1 through 127 characters.

The realm
is the Diameter identity. The originator's realm is present in all Diameter
messages and is typically the company or service name.

Origin
host name

An
identification string from 1 to 255 characters (alpha and/or numeric) by which
the Rf origin host is recognized by the system.

Origin
host address

The IP
address of the Rf interface.

Peer name

The Rf
endpoint name described above.

Peer realm
name

The Rf
origin realm name described above.

Peer
address and port number

The IP
address and port number of the OFCS.

Route-entry peer

The Rf
endpoint name described above.

Gy
Interface Configuration (to on-line charging server)

Interface
name

An
identification string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.

Multiple
names are needed if multiple interfaces will be configured.

IP address
and subnet

IPv4 or
IPv6 addresses assigned to the interface.

Multiple
addresses and subnets are needed if multiple interfaces will be configured.

Physical
port number

The
physical port to which the interface will be bound. Ports are identified by the
chassis slot number where the line card resides followed by the number of the
physical connector on the card. For example, port 17/1 identifies connector
number 1 on the card in slot 17.

A single
physical port can facilitate multiple interfaces.

Gateway IP
address

Used when
configuring static IP routes from the interface(s) to a specific network.

Gy
Diameter Endpoint Configuration

End point
name

An
identification string from 1 to 63 characters (alpha and/or numeric) by which
the Gy Diameter endpoint configuration is recognized by the system.

Origin
realm name

An
identification string between 1 through 127 characters.

The realm
is the Diameter identity. The originator's realm is present in all Diameter
messages and is typically the company or service name.

Origin
host name

An
identification string from 1 to 255 characters (alpha and/or numeric) by which
the Gy origin host is recognized by the system.

Origin
host address

The IP
address of the Gy interface.

Peer name

The Gy
endpoint name described above.

Peer realm
name

The Gy
origin realm name described above.

Peer
address and port number

The IP
address and port number of the OCS.

Route-entry peer

The Gy
endpoint name described above.

How This
Configuration Works

The following figure
and supporting text describe how this configuration with a single source and
destination context is used by the system to process a subscriber call
originating from the GTP LTE network.

Figure 5. Elements of the PMIP P-GW Supporting an eHRPD
Network

The S-GW
establishes the S5/S8 connection by sending a Create Session Request message to
the P-GW including an Access Point name (APN).

The P-GW service
determines which context to use to provide AAA functionality for the session.
This process is described in the
How the
System Selects Contexts section located in the
Understanding the System Operation and Configuration
chapter of the
System
Administration Guide.

The P-GW uses
the configured Gx Diameter endpoint to establish the IP-CAN session.

The P-GW sends a
CC-Request (CCR) message to the PCRF to indicate the establishment of the
IP-CAN session and the PCRF acknowledges with a CC-Answer (CCA).

The P-GW uses
the APN configuration to select the PDN context. IP addresses are assigned from
the IP pool configured in the selected PDN context.

The P-GW
responds to the S-GW with a Create Session Response message including the
assigned address and additional information.

The S5/S8 data
plane tunnel is established and the P-GW can forward and receive packets
to/from the PDN.

P-MIP P-GW (eHRPD)
Configuration

To configure the
system to perform as a standalone P-MIP P-GW in an eHRPD network environment,
review the following graphic and subsequent steps.

Figure 6. P-MIP P-GW
(eHRPD) Configuration

Procedure

Step 1

Set system
configuration parameters such as activating PSCs by applying the example
configurations found in the
System
Administration Guide.

Step 2

Set initial
configuration parameters such as creating contexts and services by applying the
example configurations found in
Initial
Configuration.

Step 3

Configure the
system to perform as a P-MIP P-GW and set basic P-GW parameters such as P-MIP
interfaces and an IP route by applying the example configurations presented in
P-GW Service Configuration.

Set the
accounting policy for the Rf (off-line charging) interface. The accounting
level types are: flow, PDN, PDN-QCI, QCI, and subscriber. Refer to the
Accounting
Profile Configuration Mode Commands chapter in the
Command
Line Interface Reference for more information on this command.

The IMS
Authorization Service is created and configured in the AAA context.

Multiple APNs
can be configured to support different domain names.

The associate
accounting-policy command is used to associate a pre-configured accounting
policy with this APN. Accounting policies are configured in the P-GW context.
An example is located in
Creating and Configuring a P-MIP P-GW Context.

Creating and
Configuring AAA Groups in the P-GW Context

Use the following
example to create and configure AAA groups supporting RADIUS and Rf accounting:

The
no aaa
acounting command is used to prevent duplicate accounting
packets.

Enabling
revocation provides for MIP registration revocation in the event that MIP
revocation is negotiated with a MAG and a MIP binding is terminated, the LMA
can send a revocation message to the MAG.

Creating a P-GW PDN
Context

Use the following
example to create a P-GW PDN context and Ethernet interfaces.

Creating and
Configuring the AAA Context

Use the following
example to create and configure a AAA context including diameter support and
policy control, and bind ports to interfaces supporting traffic between this
context, a PCRF, a 3GPP AAA server, an on-line charging server, and an off-line
charging server:

The above
configuration only shows one keyword example. Refer to the
QCI - QOS
Mapping Configuration Mode Commands chapter in the
Command
Line Interface Reference for more information on the
qci command and
other supported keywords.

Verifying and Saving
the Configuration

Save your
configuration to flash memory, an external memory device, and/or a network
location using the Exec mode command
save
configuration . For additional information on how to verify and
save configuration files, refer to the
System
Administration Guide and the
Command Line
Interface Reference.

Configuring Optional
Features on the P-GW

The configuration
examples in this section are optional and provided to cover the most common
uses of the P-GW in a live network. The intent of these examples is to provide
a base configuration for testing.

The
group none
command specifies that no crypto strength is included and that Perfect Forward
Secrecy is disabled. This is the default setting for IPSec transform sets
configured on the system.

The
hmac command
configures the Encapsulating Security Payload (ESP) integrity algorithm. The
sha1-96 keyword
uses a 160-bit secret key to produce a 160-bit authenticator value. This is the
default setting for IPSec transform sets configured on the system.

The
mode tunnel
command specifies that the entire packet is to be encapsulated by the IPSec
header including the IP header. This is the default setting for IPSec transform
sets configured on the system.

The group 2 command specifies the Diffie-Hellman algorithm as Group 2, indicating medium security. The Diffie-Hellman algorithm controls
the strength of the crypto exponentials. This is the default setting for IKEv2 transform sets configured on the system.

The hmac command configures the Encapsulating Security Payload (ESP) integrity algorithm. The sha1-96 keyword uses a 160-bit secret key to produce a 160-bit authenticator value. This is the default setting for IKEv2 transform
sets configured on the system.

The lifetime command configures the time the security key is allowed to exist, in seconds.

The prf command configures the IKE Pseudo-random Function which produces a string of bits that cannot be distinguished from a random
bit string without knowledge of the secret key. The sha1 keyword uses a 160-bit secret key to produce a 160-bit authenticator value. This is the default setting for IKEv2 transform
sets configured on the system.

The
timeout
emergency-inactivity command specifies the timeout duration, in
seconds, to check inactivity on the emergency session. <seconds> must be an integer value from 1
through 3600.

By default,
emergency inactivity timeout is disabled (0).

The
p-cscf fqdn
command configures the P-CSCF FQDN server name for the APN. <fqdn> must be a string from 1 to 256 characters
in length.

P-CSCF FQDN has
more significance than CLI-configured P-CSCF IPv4 and IPv6 addresses.

Configuring Common
Gateway Access Support

This section
describes some advance feature configuration to support multiple access
networks (CDMA, eHRPD ,and LTE) plus a GSM/UMTS for international roaming with
the same IP addressing behavior and access to 3GPP AAA for subscriber
authorization. Subscribers using static IP addressing will be able to get the
same IP address regardless of the access technology.

This configuration
combines 3G and 4G access technologies in a common gateway supporting logical
services of HA, P-GW, and GGSN to allow subscribers to have the same user
experience, independent of the access technology available.

Important

This feature is a
license-enabled support and you may need to install a feature specific session
license on your system to use some commands related to this configuration.

These instructions
assume that you have already configured the system level configuration as
described in
System
Administration Guide and P-GW service.

The
group none
command specifies that no crypto strength is included and that Perfect Forward
Secrecy is disabled. This is the default setting for IPSec transform sets
configured on the system.

The
hmac command
configures the Encapsulating Security Payload (ESP) integrity algorithm. The
sha1-96 keyword
uses a 160-bit secret key to produce a 160-bit authenticator value. This is the
default setting for IPSec transform sets configured on the system.

The
mode tunnel
command specifies that the entire packet is to be encapsulated by the IPSec
header, including the IP header. This is the default setting for IPSec
transform sets configured on the system.

The
group 2 command
specifies the Diffie-Hellman algorithm as Group 2, indicating medium security.
The Diffie-Hellman algorithm controls the strength of the crypto exponentials.
This is the default setting for IKEv2 transform sets configured on the system.

The
hmac command
configures the Encapsulating Security Payload (ESP) integrity algorithm. The
sha1-96 keyword
uses a 160-bit secret key to produce a 160-bit authenticator value. This is the
default setting for IKEv2 transform sets configured on the system.

The
lifetime
command configures the time the security key is allowed to exist, in seconds.

The
prf command
configures the IKE Pseudo-random Function, which produces a string of bits that
cannot be distinguished from a random bit string without knowledge of the
secret key. The
sha1 keyword
uses a 160-bit secret key to produce a 160-bit authenticator value. This is the
default setting for IKEv2 transform sets configured on the system.

The
bind command in
the GTP-U and eGTP service configuration can also be specified as an IPv6
address using the
ipv6-address
command.

Configuring Guard
Timer on Create Session Request Processing

P-GW has an existing
timer "session setup-timeout" which is hard coded
to 60 seconds, which is used as a guard timer for session creation.
This timer is used for all APNs and is started when a Create Session
Request is received for any session creation.

Internal or external
processing issues or delay at external interfaces, for example,
Gx/Gy, can cause Create Session Request processing to run
longer than time expected in end to end call setup. If the session
processing is not complete when the timer expires, the Create Session Request
processing is stopped and the P-GW performs an internal cleanup
by stopping all other corresponding sessions, for example Gx/Gy.
The P-GW responds with a Create Session Failure response stating
that no resources are available to S-GW. In successful cases when
there's no delay timer is stopped during sending out the Create
Session Response.

A new CLI command has
been introduced to allow a configurable value to override the previously
hardcoded default session setup timeout value of 60 seconds. This
will help to fine tune the call setup time at P-GW with respect
to end to end call setup time.

setup-timeout: Specifies
the session setup timeout period, in seconds. If P-GW is able to process the
Create Session Request message before the timer expires, P-GW stops the timer
and sends a successful Create Session Response.

timer_value must be an integer from 1 to 120.

Default: 60
seconds

default: Default value is
60 seconds. If no value is set, the P-GW service sets the timer to the default
value.

no: Sets the timer to the
default value of 60 seconds.

Configuring the GTP
Echo Timer

The GTP echo timer
on the ASR 5500 P-GW can be configured to support two different types of path
management: default and dynamic. This timer can be configured on the GTP-C
and/or the GTP-U channels.